diff options
author | Mark Kettenis <kettenis@cvs.openbsd.org> | 2023-01-19 00:18:20 +0000 |
---|---|---|
committer | Mark Kettenis <kettenis@cvs.openbsd.org> | 2023-01-19 00:18:20 +0000 |
commit | 8e68b26b4f2d7a88666297ee2ab37ac9b93b0cdf (patch) | |
tree | cc8a4015f569f55829ec4f7a3765f065a4b7ef6a | |
parent | 08c45d934fd84f5161508918995eda2de70c746a (diff) |
The binutils strip damages GNU_RELRO on binaries linked by ld.lld on at
least amd64. Fix this by switching to the llvm strip on architectures
that use ld.lld.
ok deraadt@
-rw-r--r-- | gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper | 10 | ||||
-rw-r--r-- | gnu/usr.bin/clang/llvm-objcopy/Makefile | 8 | ||||
-rw-r--r-- | gnu/usr.bin/clang/llvm-objcopy/strip.1 | 288 |
3 files changed, 302 insertions, 4 deletions
diff --git a/gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper b/gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper index 8682d58cbd1..a022d50c904 100644 --- a/gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper +++ b/gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.bsd-wrapper,v 1.28 2022/03/23 14:23:44 robert Exp $ +# $OpenBSD: Makefile.bsd-wrapper,v 1.29 2023/01/19 00:18:19 kettenis Exp $ .include <bsd.own.mk> @@ -29,7 +29,7 @@ MAN= binutils/doc/addr2line.1 binutils/doc/objcopy.1 \ SUBDIRS+= binutils CONF_SUBDIRS+= binutils INST_SUBDIRS+= binutils -MAN+= binutils/doc/strings.1 binutils/doc/strip.1 +MAN+= binutils/doc/strings.1 .if (${TARGET_ARCH} != "aarch64" && ${TARGET_ARCH} != "powerpc64" && \ ${TARGET_ARCH} != "riscv64") @@ -47,8 +47,12 @@ SKIP_AR= am__EXEEXT_7= am__EXEEXT_9= .endif .if ${LINKER_VERSION:L} == "bfd" +MAN+= binutils/doc/strip.1 maninstall: cd ${DESTDIR}${MANDIR}1 && rm -f ld.1 && ln ld.bfd.1 ld.1 +.else +# skip installing strip(1) which is am__EXEEXT_14 +SKIP_STRIP= am__EXEEXT_14= .endif # Used by the GNU Makefile @@ -139,7 +143,7 @@ install: maninstall INSTALL_PROGRAM='${INSTALL} -c ${INSTALL_STRIP} -o ${BINOWN} -g ${BINGRP} -m ${BINMODE}' \ INSTALL_DATA='${INSTALL} -c -o ${DOCOWN} -g ${DOCGRP} -m ${NONBINMODE}' \ INSTALL_INFO_HOST_MODULES='${INSTALL_INFO_HOST_MODULES}' \ - ${SKIP_AR} \ + ${SKIP_AR} ${SKIP_STRIP} \ $t .endfor .if ${LINKER_VERSION:L} == "bfd" diff --git a/gnu/usr.bin/clang/llvm-objcopy/Makefile b/gnu/usr.bin/clang/llvm-objcopy/Makefile index 4eb15f00857..fd602ff998b 100644 --- a/gnu/usr.bin/clang/llvm-objcopy/Makefile +++ b/gnu/usr.bin/clang/llvm-objcopy/Makefile @@ -1,8 +1,9 @@ -# $OpenBSD: Makefile,v 1.2 2021/12/17 14:55:47 patrick Exp $ +# $OpenBSD: Makefile,v 1.3 2023/01/19 00:18:19 kettenis Exp $ .include <bsd.own.mk> PROG= llvm-objcopy +MAN= llvm-objcopy.1 BINDIR= /usr/bin LIBEXECDIR=/usr/libexec @@ -24,6 +25,11 @@ SRCS= ConfigManager.cpp \ WasmWriter.cpp \ WasmObjcopy.cpp +.if ${LINKER_VERSION:L} == "lld" +LINKS= ${BINDIR}/llvm-objcopy ${BINDIR}/strip +MAN+= strip.1 +.endif + COFFObject.cpp: ln -s ${.CURDIR}/../../../llvm/llvm/tools/llvm-objcopy/COFF/Object.cpp $@ diff --git a/gnu/usr.bin/clang/llvm-objcopy/strip.1 b/gnu/usr.bin/clang/llvm-objcopy/strip.1 new file mode 100644 index 00000000000..9ca5638cbd0 --- /dev/null +++ b/gnu/usr.bin/clang/llvm-objcopy/strip.1 @@ -0,0 +1,288 @@ +.\" Man page generated from reStructuredText. +. +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.TH "LLVM-STRIP" "1" "2023-01-08" "13" "LLVM" +.SH NAME +llvm-strip \- object stripping tool +.SH SYNOPSIS +.sp +\fBllvm\-strip\fP [\fIoptions\fP] \fIinputs...\fP +.SH DESCRIPTION +.sp +\fBllvm\-strip\fP is a tool to strip sections and symbols from object files. +If no other stripping or remove options are specified, \fI\%\-\-strip\-all\fP +will be enabled. +.sp +By default, the input files are modified in\-place. If \(dq\-\(dq is specified for the +input file, the input is read from the program\(aqs standard input stream. +.sp +If the input is an archive, any requested operations will be applied to each +archive member individually. +.sp +The tool is still in active development, but in most scenarios it works as a +drop\-in replacement for GNU\(aqs \fBstrip\fP\&. +.SH GENERIC AND CROSS-PLATFORM OPTIONS +.sp +The following options are either agnostic of the file format, or apply to +multiple file formats. +.INDENT 0.0 +.TP +.B \-\-disable\-deterministic\-archives, \-U +Use real values for UIDs, GIDs and timestamps when updating archive member +headers. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-discard\-all, \-x +Remove most local symbols from the output. Different file formats may limit +this to a subset of the local symbols. For example, file and section symbols in +ELF objects will not be discarded. Additionally, remove all debug sections. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-enable\-deterministic\-archives, \-D +Enable deterministic mode when stripping archives, i.e. use 0 for archive member +header UIDs, GIDs and timestamp fields. On by default. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-help, \-h +Print a summary of command line options. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-no\-strip\-all +Disable \fI\%\-\-strip\-all\fP\&. +.UNINDENT +.INDENT 0.0 +.TP +.B \-o <file> +Write output to <file>. Multiple input files cannot be used in combination +with \-o. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-regex +If specified, symbol and section names specified by other switches are treated +as extended POSIX regular expression patterns. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-remove\-section <section>, \-R +Remove the specified section from the output. Can be specified multiple times +to remove multiple sections simultaneously. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-strip\-all\-gnu +Remove all symbols, debug sections and relocations from the output. This option +is equivalent to GNU \fBstrip\fP\(aqs \fB\-\-strip\-all\fP switch. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-strip\-all, \-s +For ELF objects, remove from the output all symbols and non\-alloc sections not +within segments, except for .gnu.warning, .ARM.attribute sections and the +section name table. +.sp +For COFF objects, remove all symbols, debug sections, and relocations from the +output. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-strip\-debug, \-d, \-g, \-S +Remove all debug sections from the output. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-strip\-symbol <symbol>, \-N +Remove all symbols named \fB<symbol>\fP from the output. Can be specified +multiple times to remove multiple symbols. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-strip\-unneeded +Remove from the output all local or undefined symbols that are not required by +relocations. Also remove all debug sections. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-version, \-V +Display the version of the \fBllvm\-strip\fP executable. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-wildcard, \-w +Allow wildcard syntax for symbol\-related flags. On by default for +section\-related flags. Incompatible with \-\-regex. +.sp +Wildcard syntax allows the following special symbols: +.TS +center; +|l|l|l|. +_ +T{ +Character +T} T{ +Meaning +T} T{ +Equivalent +T} +_ +T{ +\fB*\fP +T} T{ +Any number of characters +T} T{ +\fB\&.*\fP +T} +_ +T{ +\fB?\fP +T} T{ +Any single character +T} T{ +\fB\&.\fP +T} +_ +T{ +\fB\e\fP +T} T{ +Escape the next character +T} T{ +\fB\e\fP +T} +_ +T{ +\fB[a\-z]\fP +T} T{ +Character class +T} T{ +\fB[a\-z]\fP +T} +_ +T{ +\fB[!a\-z]\fP, \fB[^a\-z]\fP +T} T{ +Negated character class +T} T{ +\fB[^a\-z]\fP +T} +_ +.TE +.sp +Additionally, starting a wildcard with \(aq!\(aq will prevent a match, even if +another flag matches. For example \fB\-w \-N \(aq*\(aq \-N \(aq!x\(aq\fP will strip all symbols +except for \fBx\fP\&. +.sp +The order of wildcards does not matter. For example, \fB\-w \-N \(aq*\(aq \-N \(aq!x\(aq\fP is +the same as \fB\-w \-N \(aq!x\(aq \-N \(aq*\(aq\fP\&. +.UNINDENT +.INDENT 0.0 +.TP +.B @<FILE> +Read command\-line options and commands from response file \fI<FILE>\fP\&. +.UNINDENT +.SH COFF-SPECIFIC OPTIONS +.sp +The following options are implemented only for COFF objects. If used with other +objects, \fBllvm\-strip\fP will either emit an error or silently ignore +them. +.INDENT 0.0 +.TP +.B \-\-only\-keep\-debug +Remove the contents of non\-debug sections from the output, but keep the section +headers. +.UNINDENT +.SH ELF-SPECIFIC OPTIONS +.sp +The following options are implemented only for ELF objects. If used with other +objects, \fBllvm\-strip\fP will either emit an error or silently ignore +them. +.INDENT 0.0 +.TP +.B \-\-allow\-broken\-links +Allow \fBllvm\-strip\fP to remove sections even if it would leave invalid +section references. Any invalid sh_link fields will be set to zero. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-discard\-locals, \-X +Remove local symbols starting with \(dq.L\(dq from the output. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-keep\-file\-symbols +Keep symbols of type \fISTT_FILE\fP, even if they would otherwise be stripped. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-keep\-section <section> +When removing sections from the output, do not remove sections named +\fB<section>\fP\&. Can be specified multiple times to keep multiple sections. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-keep\-symbol <symbol>, \-K +When removing symbols from the output, do not remove symbols named +\fB<symbol>\fP\&. Can be specified multiple times to keep multiple symbols. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-preserve\-dates, \-p +Preserve access and modification timestamps in the output. +.UNINDENT +.INDENT 0.0 +.TP +.B \-\-strip\-sections +Remove from the output all section headers and all section data not within +segments. Note that many tools will not be able to use an object without +section headers. +.UNINDENT +.INDENT 0.0 +.TP +.B \-T +Remove Swift symbols. +.UNINDENT +.SH EXIT STATUS +.sp +\fBllvm\-strip\fP exits with a non\-zero exit code if there is an error. +Otherwise, it exits with code 0. +.SH BUGS +.sp +To report bugs, please visit <\fI\%https://bugs.llvm.org/\fP>. +.SH SEE ALSO +.sp +\fBllvm\-objcopy(1)\fP +.SH AUTHOR +Maintained by the LLVM Team (https://llvm.org/). +.SH COPYRIGHT +2003-2023, LLVM Project +.\" Generated by docutils manpage writer. +. |